Without exception, everyone likes to get money back off the taxman.

That being so, how would you react if you found the email below in one of your mailboxes?

screenshot of phishing email offering tax refund

Genuine email from HMRC or a fake – can you tell?

With the subject line “Error in the calculation of your tax“, all the right colours used by HMRC and genuine links to HMRC website pages on both the left and right of the main message, it definitely has the appearance of a genuine email from the taxman.

Would your reaction be one of joy that HMRC is prepared to refund you £1,400 of your hard-earned cash? Would that then lead you to click on the link below that figure in green text – the one enticingly indicating My Refvund?

Running my mouse over that link revealed that it did not go to the HMRC website at all, but a phishing page on a website that seems to be hosted in Bangkok, which is not somewhere I suspect that hosts many .gov.uk domains.

In addition to the dodgy spelling of the link, another clue is the incorrect use of capitalisation in the final paragraph.

In case readers were unaware of the HMRC’s procedures, the taxman never sends notifications of a tax rebate by email or asks taxpayers to disclose personal or payment information by email.

HMRC’s advice to anyone who has received a HMRC-related phishing/bogus email it to forward it to phishing@hmrc.gsi.gov.uk and then delete it.

HMRC’s website has comprehensive advice on phishing and bogus emails.

Stay safe!